42 matches found
MINI-4742-3GXW-PGR5
Bulletin has no description...
CVE-2010-4742
Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ActiveX SDK allows remote attackers to execute arbitrary code via a long PlayFileName property value...
CVE-2025-4742
creationtimestamp | type | source
---|---|---
2025-05-16 03:34:24+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/16611
2025-05-16 05:07:54+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpbb3u672h2t...
CVE-2025-4742
CVE-2025-4742 affects XU-YIJIE grpo-flat up to 9024b43f091e2eb9bac65802b120c0b35f9ba856. The vulnerable component is the function main in the file grpo_vanilla.py, where input manipulation leads to a deserialization issue. Local access is required to exploit. The product uses continuous delivery...
CVE-2025-4742 XU-YIJIE grpo-flat grpo_vanilla.py main deserialization
A vulnerability classified as problematic has been found in XU-YIJIE grpo-flat up to 9024b43f091e2eb9bac65802b120c0b35f9ba856. Affected is the function main of the file grpo_vanilla.py. The manipulation leads to deserialization. Local access is required to approach this attack. Continuous delivery...
CVE-2024-4742
CVE-2024-4742 affects Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress up to v1.2.5. It enables SQL Injection via the order_by shortcode attribute due to insufficient escaping and improper query construction. Exploitation requires authenticated access...
CVE-2024-4742 Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress <= 1.2.5 - Authenticated (Contributor+) SQL Injection
The Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPress plugin for WordPress is vulnerable to SQL Injection via the order_by shortcode attribute in all versions up to, and including, 1.2.5 due to insufficient escaping on the user-supplied parameter and la...
CVE-2019-4742
creationtimestamp | type | source
---|---|---
2024-03-16 11:16:06+00:00 | seen | https://t.me/ctinow/209485...
CVE-2018-4742
Rejected reason: This candidate is unused by its CNA...
CVE-2023-4742
A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=dashboard/user/export&uid=X. The manipulation leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...
CVE-2023-4742
CVE-2023-4742 affects IBOS OA 4.5.5. The vulnerability arises from SQL injection in the endpoint handling ?r=dashboard/user/export&uid=X, triggered by unknown processing of the exported file. Exploitation has been disclosed publicly and can be done remotely. Multiple connected sources corroborate...
@amitport/koangular-users (=0.0.0), @antimatter-studios/dredd (>=14.1.0 <=15.0.11) +206 more potentially affected by CVE-2022-4742 via json-pointer (>=0.0.4 <=0.6.1)
json-pointer NPM version =0.0.4, =14.1.0, =0.0.1, =0.0.2, =0.0.1, =1.2.6, =2.7.2, =1.0.0, =0.0.0-development, =1.0.0, =2.21.3, =9.0.0, =2.0.0, =0.0.1, =0.1.0 and more Source cves: CVE-2022-4742 Source advisory: OSV:GHSA-6XRF-Q977-5VGC...
CVE-2022-4742
CVE-2022-4742 affects json-pointer up to 0.6.1, specifically the index.js set function, enabling prototype pollution. The issue is exploitable remotely and is fixed by upgrading to 0.6.2 (patch 859c9984b6c407fc2d5a0a7e47c7274daa681941). Affected references consistently describe this as a critical...
@amitport/koangular-users (=0.0.0), @antimatter-studios/dredd (>=14.1.0 <=15.0.11) +206 more potentially affected by CVE-2020-7709 +2 more via json-pointer (>=0.0.4 <=0.6.1)
json-pointer NPM version =0.0.4, =14.1.0, =0.0.1, =0.0.2, =0.0.1, =1.2.6, =2.7.2, =1.0.0, =0.0.0-development, =1.0.0, =2.21.3, =9.0.0, =2.0.0, =0.0.1, =0.1.0 and more Source cves: CVE-2020-7709, CVE-2021-23820, CVE-2022-4742 Source advisory: SNYK:JS-JSONPOINTER-1577287...
Ubuntu: Security Advisory (USN-4742-1)
The remote host is missing an update for the...
Debian DSA-4742-1 : firejail - security update
Tim Starling discovered two vulnerabilities in firejail, a sandbox program to restrict the running environment of untrusted applications.
- CVE-2020-17367: It was reported that firejail does not respect the end-of-options separator '--', allowing an attacker with control over the command line...
CVE-2019-4742
IBM Financial Transaction Manager 3.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks agains...
CVE-2019-4742
IBM Financial Transaction Manager for SWIFT Services 3.0 (3.0.0) is vulnerable to a remote clickjacking-type issue that could allow an attacker to hijack the victim’s click actions when the user visits a malicious page. The IBM bulletin for this CVE-2019-4742 entry confirms vulnerable web UI comp...
CVE-2017-4742
The CVE-2017-4742 entry is rejected and not used, per the Initial Description.
CVE-2017-4742
...